Ransomware and other threats are not going away anytime soon and healthcare will continue to be a target for attackers. The hope is that healthcare professionals continue to keep IT security top of mind.

Today, hospitals and healthcare organizations face many risks that they didn’t have to deal with until few years ago. This ever growing list of risks includes social engineering, redundant applications, within a network and keeping patient files secure and confidential but yet available and escalation of privileges.

Before you tell me that risk classifications are important, water is wet, the sun is hot and ice is cold, I'd like to remind you how many enterprises still do it poorly. I almost wish it was a simple as data telling you it's critical or not, but let's face it the game is very rarely that simple...

Marketing organizations salivate at the prospects of doing advanced analysis with such data to discover new trends and marketing possibilities. The government wants to use it for investigations. Historians want to use it for, yes, marking historical events. And the list could go on...

It is no accident that the largest healthcare organizations have the highest rate of patient-privacy breaches. The old saying – “the bigger they are, the harder they fall” is true, but more than that is happening when it comes to patient-privacy breaches in America as a whole...

We need a well-conceived set of administrative and technical controls - our policy, while still acknowledging that every living creature on the planet is organically attached to a smart device, must dictate that the user will follow the policy at risk of termination...

Many technology vendors tout the idea of self management, and the advantages of mobile healthcare apps, virtual visits, tablets and e-detailing but in fact, a face-to-face relationship with a doctor is more powerful than a digital relationship alone. We don’t need Sherry Turkle to tell us that...

Organizations that make up the small to medium enterprise market are finding themselves in trouble as they are appearing on a lot of radar screens for attack, yet can't seem to find the resources they need to defend themselves adequately. Lots of challenges present around that point, to start off with...

If pharmaceutical companies can access data from patients, then they can design and manufacture better products. This is good for patient health but problematic for current regulation of patient privacy. There is no such thing as patient privacy once big commercial ventures like large pharmas get involved...

For small to mid-size hospitals, nursing homes, medical device, healthcare IT vendors will have a much simpler audit and will be primarily interested in how cheaply the audit can be done and how much they can save using the technique of multiple threat analysis...

In order to prevent breaches of patient privacy, we first need to establish baseline business requirements for the organization. There are 6 business requirements for preventing patient privacy breaches, these are “must items” for any healthcare business unit manager...

Humans being are naturally curious, sometimes vindictive and always worried when it comes to the health condition of friends and family. Being human, they will bend rules to get information and in the course of bending rules, breach patient privacy...

As social media becomes part of the continuum of interaction in the physical and virtual worlds, privacy becomes an issue of discretionary disclosure control. Online privacy and patient privacy will evolve into a market for products and services with stratified pricing, packaging and product positioning...

The digitization of medical records may make folks queasy, but it is also efficient, offering an opportunity to save both money and lives. It is in fact inevitable. Unfortunately, so are data breaches and the identity compromises that follow. We need to be deadly serious because lives are at literally at stake...